/// <summary> /// Creates a security token based on a token descriptor. /// </summary> /// <param name="tokenDescriptor">The token descriptor.</param> /// <returns>A security token.</returns> /// <exception cref="ArgumentNullException">Thrown if 'tokenDescriptor' is null.</exception> public override SecurityToken CreateToken(SecurityTokenDescriptor tokenDescriptor) { if (null == tokenDescriptor) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenDescriptor"); } if (this.Configuration == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ID4272))); } ClaimsPrincipal principal = new ClaimsPrincipal(tokenDescriptor.Subject); if (this.Configuration.SaveBootstrapContext) { SecurityTokenHandlerCollection bootstrapTokenCollection = CreateBootstrapTokenHandlerCollection(); if (!bootstrapTokenCollection.CanWriteToken(tokenDescriptor.Token)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ID4010, tokenDescriptor.Token.GetType().ToString()))); } (principal.Identities as ReadOnlyCollection <ClaimsIdentity>)[0].BootstrapContext = new BootstrapContext(tokenDescriptor.Token, bootstrapTokenCollection[tokenDescriptor.Token.GetType()]); } DateTime validFrom = (tokenDescriptor.Lifetime.Created.HasValue) ? (DateTime)tokenDescriptor.Lifetime.Created : DateTime.UtcNow; DateTime validTo = (tokenDescriptor.Lifetime.Expires.HasValue) ? (DateTime)tokenDescriptor.Lifetime.Expires : DateTime.UtcNow + SessionSecurityTokenHandler.DefaultTokenLifetime; return(new SessionSecurityToken(principal, null, validFrom, validTo)); }
/// <summary> /// Creates the default set of SecurityTokenHandlers. /// </summary> /// <returns>A SecurityTokenHandlerCollectionManager with a default collection of token handlers.</returns> public static SecurityTokenHandlerCollectionManager CreateDefaultSecurityTokenHandlerCollectionManager() { SecurityTokenHandlerCollection defaultHandlers = SecurityTokenHandlerCollection.CreateDefaultSecurityTokenHandlerCollection(); SecurityTokenHandlerCollectionManager defaultManager = new SecurityTokenHandlerCollectionManager(ConfigurationStrings.DefaultServiceName); defaultManager.collections.Clear(); defaultManager.collections.Add(SecurityTokenHandlerCollectionManager.Usage.Default, defaultHandlers); return(defaultManager); }
/// <summary> /// Creates an instance of this object using XML representation of the security token. /// </summary> /// <param name="securityTokenXml">The <see cref="XmlElement"/> representation of the security token.</param> /// <param name="securityTokenHandlers">The collection of <see cref="SecurityTokenHandler"/> objects that may /// be used to read and validate the security token this object represents.</param> public SecurityTokenElement(XmlElement securityTokenXml, SecurityTokenHandlerCollection securityTokenHandlers) { if (securityTokenXml == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("securityTokenXml"); } if (securityTokenHandlers == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("securityTokenHandlers"); } _securityTokenXml = securityTokenXml; _securityTokenHandlers = securityTokenHandlers; }
/// <summary> /// Initializes an instance of <see cref="SecurityTokenSerializerAdapter"/> /// </summary> /// <param name="securityTokenHandlerCollection"> /// The <see cref="SecurityTokenHandlerCollection" /> containing the set of <see cref="SecurityTokenHandler" /> /// </param> public SecurityTokenSerializerAdapter(SecurityTokenHandlerCollection securityTokenHandlerCollection) { if (securityTokenHandlerCollection == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("securityTokenHandlerCollection"); } _securityTokenHandlers = securityTokenHandlerCollection; KeyInfoSerializer serializer = securityTokenHandlerCollection.KeyInfoSerializer as KeyInfoSerializer; if (serializer != null) { serializer.InnerSecurityTokenSerializer = this; } }
/// <summary> /// Reads a <see cref="SecurityToken"/> from the provided XML representation. /// </summary> /// <param name="securityTokenXml">The XML representation of the security token.</param> /// <param name="securityTokenHandlers">The <see cref="SecurityTokenHandlerCollection"/> used to /// read the token.</param> /// <returns>A <see cref="SecurityToken"/>.</returns> protected virtual SecurityToken ReadSecurityToken(XmlElement securityTokenXml, SecurityTokenHandlerCollection securityTokenHandlers) { SecurityToken securityToken = null; XmlReader reader = new XmlNodeReader(securityTokenXml); reader.MoveToContent(); securityToken = securityTokenHandlers.ReadToken(reader); if (securityToken == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ID4051, securityTokenXml, reader.LocalName, reader.NamespaceURI))); } return(securityToken); }
/// <summary> /// Creates a system default collection of basic SecurityTokenHandlers, each of which has the system default configuration. /// The SecurityTokenHandlers in this collection must be configured with service specific data before they can be used. /// </summary> /// <param name="configuration">The configuration to associate with the collection.</param> /// <returns>A SecurityTokenHandlerCollection with default basic SecurityTokenHandlers.</returns> public static SecurityTokenHandlerCollection CreateDefaultSecurityTokenHandlerCollection(SecurityTokenHandlerConfiguration configuration) { SecurityTokenHandlerCollection collection = new SecurityTokenHandlerCollection(new SecurityTokenHandler[] { new KerberosSecurityTokenHandler(), new RsaSecurityTokenHandler(), new SamlSecurityTokenHandler(), new Saml2SecurityTokenHandler(), new WindowsUserNameSecurityTokenHandler(), new X509SecurityTokenHandler(), new EncryptedSecurityTokenHandler(), new SessionSecurityTokenHandler(), }, configuration); defaultHandlerCollectionCount = collection.Count; return(collection); }
/// <summary> /// Creates the identities for the represented by the <see cref="SecurityToken"/>. /// </summary> /// <param name="securityTokenXml">The <see cref="XmlElement"/> representation of the security token.</param> /// <param name="securityTokenHandlers">The collection of <see cref="SecurityTokenHandler"/> objects that may /// be used to read and validate the security token this object represents.</param> /// <returns>A <see cref="ReadOnlyCollection{T}"/> of <see cref="ClaimsIdentity"/> representing the identities contained in the token.</returns> /// <exception cref="InvalidOperationException">If either parameter 'securityTokenXml' or 'securityTokenHandlers' are null.</exception> protected virtual ReadOnlyCollection <ClaimsIdentity> ValidateToken(XmlElement securityTokenXml, SecurityTokenHandlerCollection securityTokenHandlers) { if (securityTokenXml == null || securityTokenHandlers == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ID4052))); } SecurityToken securityToken = GetSecurityToken(); return(securityTokenHandlers.ValidateToken(securityToken)); }
/// <summary> /// Gets the bootstrap token handler collection. /// </summary> SecurityTokenHandlerCollection CreateBootstrapTokenHandlerCollection() { SecurityTokenHandlerCollection tokenHandlerCollection = this.ContainingCollection ?? SecurityTokenHandlerCollection.CreateDefaultSecurityTokenHandlerCollection(); return(tokenHandlerCollection); }